<? include "include/config.php";

$location = 'users';

if (!isset($_SESSION['_user'])) {
    header("location: login.php");
}

if ($_SESSION['_level'] != 0) {
    header("location: index.php");
}

if ($_GET['sterge']) {
    mysql_query("delete from users where id='" . $_GET['sterge'] . "'");
}

if ($_POST['hidden'] != '') {
    mysql_query("update users set name='" . $_POST['nume'] . "', level='" . $_POST['level'] . "' where id='" . $_POST['hidden'] . "' ");
}

if (($_POST['passwd'] != '') && ($_POST['passwd'] == $_POST['c_passwd'])) {
    mysql_query("update users set passwd=MD5('" . $_POST['passwd'] . "') where id='" . $_POST['hidden'] . "'");
}

if ($_POST['passwd'] != $_POST['c_passwd']) {
    echo "Parola introdusa gresit !";
}

if ($_GET['modifica']!="") { 
    $user_mod_query = mysql_query("select * from users where id='" . $_GET['modifica'] . "' ") ;
    $user_mod = mysql_fetch_array($user_mod_query);
}

if ($_POST['user'] != "") {
    mysql_query("insert into users (`user`,`name`,`passwd`,`level`, `img` ) values('" . $_POST['user'] . "','" . $_POST['nume'] . "',MD5('" . $_POST['passwd'] . "'),'" . $_POST['level'] . "','user.jpg'  )");
}


$sql_user = mysql_query("select * from users");
include "include/head.php"; ?>
<div id = "container">
    <? include "include/meniu.php"; ?>
    <div id = "submenu">
        <div>
            <div>
                <ul>
                </ul>
            </div>
        </div>
    </div>

    <div id = "content">
        <div id = "mid">
            <? if ($_GET['modifica'] == '') { ?> <h2>Introduceti user: </h2>

            <form action = "users.php" method = "post" enctype = "multipart/form-data"
                  onsubmit = "return check_form_user();">
                <label>User</label>
                <input name = "user" id = "user" type = "text" class = "tf b"/>                <br class = "clear"/>

                <label>Nume</label>
                <input name = "nume" id = "nume" type = "text" class = "tf b"/>                <br class = "clear"/>

                <label>Parola</label>
                <input name = "passwd" id = "passwd" type = "password" class = "tf b"/>             <br class = "clear"/>

                <label>Confirmare Parola</label>
                <input name = "c_passwd" id = "c_passwd" type = "password" class = "tf b"/>                <br class = "clear"/>

                <label>Nivel Acces</label>                
                <select name='level' class='b'>
                    <option value='0'> Admin</option>
                    <option value='10'> Agent</option>
                </select>   
                <br class = "clear"/>

                <label>&nbsp;</label>
                <input type = "submit" name = "adauga" value = "Adauga" class = "ok"/>
                <br class = "clear"/>
            </form>
            <? } // END IF GET ?>            

            <? if ($_GET['modifica'] != '') { ?>

            <div>
                <h2>MODIFICA UTILIZATOR</h2>

                <form action = "users.php" method = "post" enctype = "multipart/form-data"
                      onsubmit = "return check_form_user();">
                    <label>Nume</label>
                    <input name = "nume" id = "nume" type="text" value = "<?= htmlentities($user_mod['name']) ?>" class = "tf b"/>
                    <input name = "hidden" id = 'hidden' type = "hidden" value = "<?= $user_mod['id'] ?>"/> <br class = "clear"/>

                    <label>Parola</label>
                    <input name = "passwd" id = "passwd" type = "password" class = "tf b" value = ""/> <br class = "clear"/>

                    <label>Confirmare Parola</label>
                    <input name = "c_passwd" id = "c_passwd" type = "password" value = "" class = "tf b"/> <br class = "clear"/>

                    <label>Nivel Acces</label>
                        <select name='level' class='b'>
                            <option value='0' <? if ($user_mod['level'] == 0)
        echo 'selected'; ?> > Admin</option>
                            <option value='10' <? if ($user_mod['level'] == 10)
        echo 'selected'; ?> > Agent</option>
                        </select>    <br class = "clear"/>

                    <label>&nbsp;</label>
                    <input type = "submit" name = "adauga" value = "Modifica" class = "ok"/>
                </form>
            </div>

            <? } ?>
            
             <h2>TABEL UTILIZATORI</h2>

            <div>
                <div class = "cell bb">User</div>
                <div class = "cell bb">Nume</div>
                <div class = "cell bb ac">Nivel Acces</div>
                <br class = "clear"/>

                <? $i = 0;
                while ($users = mysql_fetch_array($sql_user)) {
                    if ($i % 2 == 0)
                        $class = 'cell__';
                    else
                        $class = 'cell_'; ?>

                <div  class="<?= $class ?> bb"><strong><?= htmlentities($users['user']) ?></strong></div>
                <div class="<?= $class ?> bb"><?= htmlentities($users['name']) ?></div>
                <div class = "<?= $class ?> bb"><?= htmlentities($levels[$users['level']]) ?></div>

                <div class="<?= $class ?> ">
                    <a href = "users.php?modifica=<?= $users['id'] ?>"><img src = "imagini/modifica.gif"/></a>
                </div>

                <div class="<?= $class ?> ">
                    <a href = "users.php?sterge=<?= $users['id'] ?>" onclick = "return delete_confirm('Sunteri siguri ca vreti sa stergeti userul ?')">                      
                        <img src = "imagini/sterge.gif"/>
                    </a>
                </div>
                <br class = "clear"/>

                <? } ?>
            </div>
        </div>
    </div>
</div>

<? include "include/head.php"; ?>